jasonszang commented on issue #747: BuiltinService不支持安全认证,可能导致一些支持热加载的gflag配置项被无端篡改 URL: https://github.com/apache/incubator-brpc/issues/747#issuecomment-487445220 你说的这段comment里的TODO的背景我很久以前遭遇过这个,如果我没记错的话,这个问题是这样的,brpc的一个长连接只有第一个rpc需要鉴权,通过了后续的就不需要鉴权了,于是如果开放builtin service端口给客户端,那么客户端可以先发一个内部服务,然后再发未鉴权的业务服务,来绕过鉴权。 这个应该不是builtin service不支持鉴权的理由,我个人觉得builtin加鉴权应该是没问题的,只是之前认为builtin不应该对外开放所以没做。你可以问问项目维护的同学看看有没有别的坑在里面。
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
